<?php
/*
 * Get the recipe information
 */

F3::call('authentication.php');
if (F3::exists('auth_error'))
{
  // authentication failed
 // return;
}

$rid = F3::get('PARAMS["recipe_id"]');

$param = array('1'=>$rid);

if(F3::exists('SESSION.user_id')):
	$id = F3::get('SESSION.user_id');
else:
	$id = false;
endif;

// check admin status
$params = array('1' => $id);
$admin = DB::sql("SELECT id from admin WHERE id=?", $params);
if(count($admin)>0):
	$admin = 1;
else:
	$admin = 0;
endif;

$re = DB::sql("SELECT avg(rating) as avg, count(*) as ratings from ratings where rid = ?", $param);
$tried = DB::sql("SELECT count(uid) as tried from ratings where rid = ?", $param);
$directions = DB::sql("SELECT step, details from directions where rid = ?", $param);
$comments = DB::sql("SELECT u.nickname, u.email, u.id, c.comment, c.timestamp from comments c, user u where rid = ? and c.uid=u.id order by timestamp desc", $param);
$result = DB::sql("SELECT * from recipes where rid = ?", $param);
if($id):
	$params = array('1'=>$rid, '2'=>$id);
	$favorite = DB::sql("SELECT count(*) as count from favorites where rid = ? and uid = ? ", $params);
	if(count($favorite)==0 || ($favorite[0]['count']==0)):
		$favorite = 0;
	else:
		$favorite = 1;
	endif;
else:
	$favorite = 0;
endif;
$tags = DB::sql("SELECT tid as tag_id, t.name from recipe_tags rt, tags t where rid = ? and rt.tid=t.id ", $param);
$ingredients = DB::sql("SELECT quantity, m.name as measurement, m.abbrev, i.name as ingredient, optional, r.inid as ingredient_id, r.mid as measurement_id from recipe_ingredients r, ingredients i, measurements m where rid = ? and r.inid=i.id and r.mid=m.id", $param);
if(count($result)==0){
	//the recipe doesn't exist
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Recipe doesn't exist.");
	echo json_encode($err);
	return;
}

$params = array('1'=>$rid, '2'=>$id);
$rating = DB::sql("SELECT rating from ratings where rid = ? and uid = ?", $params);
if(count($rating)>0):
	$rating = $rating[0]['rating'];
else:
	$rating = 0;
endif;

$response = array();

foreach($result as $row){
	$response['name'] = $row['name'];
	$response['link'] = $row['link'];
	$response['photo'] = $row['photo'];
	$response['ratings_count'] = $re[0]['ratings'];
	$response['avg_rating'] = $re[0]['avg'];
	$response['user_rating'] = $rating;
	$response['tried'] = $tried[0]['tried'];
	$author = $row['author'];
	$param = array('1'=>$author);
	$temp = DB::sql("SELECT email,nickname from user where id = ?", $param);
	$email = $temp[0]['email'];
	$nickname = $temp[0]['nickname'];
	$response['author_email'] = $email;
	$response['author_nickname'] = $nickname;
	$response['author'] = $row['author'];
	$response['Date'] = $row['Date'];
	$response['prep_time'] = $row['prep_time'];
	$response['inactive_time'] = $row['inactive_time'];
	$response['cook_time'] = $row['cook_time'];
	$response['privacy'] = $row['privacy'];
	$privacy = $row['privacy'];
	$response['yield'] = $row['yield'];
	$response['ingredients'] = $ingredients;
	$response['directions'] = $directions;
	$response['comments'] = $comments;
	$response['tags'] = $tags;
	$response['favorite'] = $favorite;
}


// check that user is authorized to view recipe
$user = F3::get('SESSION.user_id');
//$user = 15;
$param = array('1'=>$author,'2'=>$user);
$friend = DB::sql("SELECT id1 from friends where id1 = ? and id2 = ?", $param);
if(!$admin && ($privacy==1 && $user!=$author)):
	// user is not authorized to view recipe
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Author: $author, User: $user. User is not author");
	echo json_encode($err);
	return;
elseif(!$admin && ($privacy==2 && count($friend)==0 && $user!=$author)):
	header('HTTP/1.1 500 Internal Server Error');
	header("Content-Type: application/json");
	$err = array("error_message" => "Author: $author, User: $user. User is not a friend.");
	echo json_encode($err);
	return;
endif;


header('HTTP/1.1 200');
header("Content-Type: application/json");
echo json_encode($response);
?>